For each account, CREATE USER
creates a new row in the mysql.user system
table with no privileges and assigns the account an
authentication plugin. Depending on the syntax used,
CREATE USER may also assign the
account a password.

An account when first created has no privileges. To assign
privileges, use the GRANT
statement.

Each user value naming an account may
be followed by an optional
auth_option value that specifies how
authentication occurs for clients that use the account. This
part of CREATE USER syntax is
shared with GRANT, so the
description here applies to GRANT
as well.

The server assigns an authentication plugin and password to each
account as follows, depending on whether the user specification
clause includes IDENTIFIED WITH to specify a
plugin or IDENTIFIED BY to specify a
password:

With IDENTIFIED WITH, the server assigns
the specified plugin and the account has no password. If the
optional AS
'hash_string' clause is
also given, the string is stored as is in the
authentication_string column (it is
assumed to be already hashed in the format required by the
plugin).

With IDENTIFIED BY, the server assigns no
plugin and assigns the specified password.

With neither IDENTIFIED WITH nor
IDENTIFIED BY, the server assigns no
plugin and the account has no password.

If the server assigns no plugin to the account, the
plugin column in the account's
mysql.user table row remains empty.

For client connections that use a given account, the server
invokes the authentication plugin assigned to the account and
the client must provide credentials as required by the
authentication method that the plugin implements. If the server
cannot find the plugin, either at account-creation time or
connect time, an error occurs.

If an account's mysql.user table row has a
nonempty plugin column:

The server authenticates client connection attempts using
the named plugin.

Changes to the account password using
SET PASSWORD with
PASSWORD() must be made with
the old_passwords system
variable set to the value required by the authentication
plugin, so that PASSWORD()
uses the appropriate password hashing method. If the plugin
is mysql_old_password, the password can
also be changed using SET
PASSWORD with
OLD_PASSWORD(), which uses
pre-4.1 password hashing regardless of the value of
old_passwords.

If an account's mysql.user table row has an
empty plugin column:

The server authenticates client connection attempts using
the mysql_native_password or
mysql_old_password authentication plugin,
depending on the hash format of the password stored in the
Password column.

To specify an authentication plugin for an account, use
IDENTIFIED WITH
auth_plugin. The plugin
name can be a quoted string literal or an unquoted name.
'auth_string'
is an optional quoted string literal to pass to the plugin.
The plugin interprets the meaning of the string, so its
format is plugin specific and it is stored in the
authentication_string column as given.
(This value is meaningful only for plugins that use that
column.) Consult the documentation for a given plugin for
information about the authentication string values it
accepts, if any.

The server assigns the given authentication plugin to the
account but no password. Clients must provide no password
when they connect. However, an account with no password is
insecure. To ensure that an account uses a specific
authentication plugin and has a password with the
corresponding hash format, specify the plugin explicitly
with IDENTIFIED WITH, then use
SET PASSWORD to set the
password:

Changes to the account password using
SET PASSWORD with
PASSWORD() must be made with
the old_passwords system
variable set to the value required by the account's
authentication plugin, so that
PASSWORD() uses the
appropriate password hashing method. Therefore, to use the
mysql_old_password plugin instead, name
that plugin in the CREATE
USER statement and set
old_passwords to 1 before
using SET PASSWORD.

To specify a password for an account at account-creation
time, use IDENTIFIED BY with the literal
cleartext password value:

CREATE USER 'jeffrey'@'localhost' IDENTIFIED BY 'password';

The server assigns the given password to the account but no
authentication plugin. Clients must provide the password
when they connect.

To avoid specifying the cleartext password if you know its
hash value (the value that
PASSWORD() would return for
the password), specify the hash value preceded by the
keyword PASSWORD:

The server assigns the given password to the account but no
authentication plugin. Clients must provide the password
when they connect.

To enable the user to connect with no password, include no
IDENTIFIED BY clause:

CREATE USER 'jeffrey'@'localhost';

The server assigns no authentication plugin or password to
the account. Clients must provide no password when they
connect. However, an account with no password is insecure.
To avoid this, use SET
PASSWORD to set the account password.

-- Create Admin user allow access from anywhere, remove WITH GRANT OPTION and change ALL PRIVILEGES to SELECT,INSERT,UPDATE,DELETE or/and other if not admin user is neededGRANT ALL PRIVILEGES ON *.* TO 'UserName'@'%' IDENTIFIED BY 'UnencriptedPa55w0RdHeRe' WITH GRANT OPTION;FLUSH PRIVILEGES;